Server : Apache System : Linux iZ2vcgyutqttsd1p850kl8Z 3.10.0-1160.92.1.el7.x86_64 #1 SMP Tue Jun 20 11:48:01 UTC 2023 x86_64 User : www ( 1000) PHP Version : 5.6.40 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv Directory : /www/wwwroot/saimikebio.com/ecshopjcw/includes/ |
<?php /** * ECSHOP 管理中心公用文件 * ============================================================================ * * 版权所有 2005-2012 上海商派网络科技有限公司,并保留所有权利。 * 网站地址: http://www.ecshop.com; * ---------------------------------------------------------------------------- * 这不是一个自由软件!您只能在不用于商业目的的前提下对程序代码进行修改和 * 使用;不允许对程序代码以任何形式任何目的的再发布。 * ============================================================================ * $Author: liubo $ * $Id: init.php 17217 2011-01-19 06:29:08Z liubo $ */ if (!defined('IN_ECS')) { die('Hacking attempt'); } define('ECS_ADMIN', true); error_reporting(E_ALL); if (__FILE__ == '') { die('Fatal error code: 0'); } /* 初始化设置 */ @ini_set('memory_limit', '64M'); @ini_set('session.cache_expire', 180); @ini_set('session.use_trans_sid', 0); @ini_set('session.use_cookies', 1); @ini_set('session.auto_start', 0); @ini_set('display_errors', 1); if (DIRECTORY_SEPARATOR == '\\') { @ini_set('include_path', '.;' . ROOT_PATH); } else { @ini_set('include_path', '.:' . ROOT_PATH); } if (file_exists('../data/config.php')) { include('../data/config.php'); } else { include('../includes/config.php'); } /* 取得当前ecshop所在的根目录 */ if(!defined('ADMIN_PATH')) { define('ADMIN_PATH','admin'); } define('ROOT_PATH', str_replace(ADMIN_PATH . '/includes/init.php', '', str_replace('\\', '/', __FILE__))); if (defined('DEBUG_MODE') == false) { define('DEBUG_MODE', 0); } if (PHP_VERSION >= '5.1' && !empty($timezone)) { date_default_timezone_set($timezone); } if (isset($_SERVER['PHP_SELF'])) { define('PHP_SELF', $_SERVER['PHP_SELF']); } else { define('PHP_SELF', $_SERVER['SCRIPT_NAME']); } require(ROOT_PATH . 'includes/inc_constant.php'); require(ROOT_PATH . 'includes/cls_ecshop.php'); require(ROOT_PATH . 'includes/cls_error.php'); require(ROOT_PATH . 'includes/lib_time.php'); require(ROOT_PATH . 'includes/lib_base.php'); require(ROOT_PATH . 'includes/lib_common.php'); require(ROOT_PATH . ADMIN_PATH . '/includes/lib_main.php'); require(ROOT_PATH . ADMIN_PATH . '/includes/cls_exchange.php'); /* 对用户传入的变量进行转义操作。*/ if (!get_magic_quotes_gpc()) { if (!empty($_GET)) { $_GET = addslashes_deep($_GET); } if (!empty($_POST)) { $_POST = addslashes_deep($_POST); } $_COOKIE = addslashes_deep($_COOKIE); $_REQUEST = addslashes_deep($_REQUEST); } /* 对路径进行安全处理 */ if (strpos(PHP_SELF, '.php/') !== false) { ecs_header("Location:" . substr(PHP_SELF, 0, strpos(PHP_SELF, '.php/') + 4) . "\n"); exit(); } /* 创建 ECSHOP 对象 */ $ecs = new ECS($db_name, $prefix); define('DATA_DIR', $ecs->data_dir()); define('IMAGE_DIR', $ecs->image_dir()); /* 初始化数据库类 */ require(ROOT_PATH . 'includes/cls_mysql.php'); $db = new cls_mysql($db_host, $db_user, $db_pass, $db_name); $db_host = $db_user = $db_pass = $db_name = NULL; /* 创建错误处理对象 */ $err = new ecs_error('message.htm'); /* 初始化session */ require(ROOT_PATH . 'includes/cls_session.php'); $sess = new cls_session($db, $ecs->table('sessions'), $ecs->table('sessions_data'), 'ECSCP_ID'); /* 初始化 action */ if (!isset($_REQUEST['act'])) { $_REQUEST['act'] = ''; } elseif (($_REQUEST['act'] == 'login' || $_REQUEST['act'] == 'logout' || $_REQUEST['act'] == 'signin') && strpos(PHP_SELF, '/privilege.php') === false) { $_REQUEST['act'] = ''; } elseif (($_REQUEST['act'] == 'forget_pwd' || $_REQUEST['act'] == 'reset_pwd' || $_REQUEST['act'] == 'get_pwd') && strpos(PHP_SELF, '/get_password.php') === false) { $_REQUEST['act'] = ''; } /* 载入系统参数 */ $_CFG = load_config(); // TODO : 登录部分准备拿出去做,到时候把以下操作一起挪过去 if ($_REQUEST['act'] == 'captcha') { include(ROOT_PATH . 'includes/cls_captcha.php'); $img = new captcha('../data/captcha/'); @ob_end_clean(); //清除之前出现的多余输入 $img->generate_image(); exit; } require(ROOT_PATH . 'languages/' .$_CFG['lang']. '/admin/common.php'); require(ROOT_PATH . 'languages/' .$_CFG['lang']. '/admin/log_action.php'); if (file_exists(ROOT_PATH . 'languages/' . $_CFG['lang'] . '/admin/' . basename(PHP_SELF))) { include(ROOT_PATH . 'languages/' . $_CFG['lang'] . '/admin/' . basename(PHP_SELF)); } if (!file_exists('../temp/caches')) { @mkdir('../temp/caches', 0777); @chmod('../temp/caches', 0777); } if (!file_exists('../temp/compiled/admin')) { @mkdir('../temp/compiled/admin', 0777); @chmod('../temp/compiled/admin', 0777); } clearstatcache(); /* 如果有新版本,升级 */ if (!isset($_CFG['ecs_version'])) { $_CFG['ecs_version'] = 'v2.0.5'; } if (preg_replace('/(?:\.|\s+)[a-z]*$/i', '', $_CFG['ecs_version']) != preg_replace('/(?:\.|\s+)[a-z]*$/i', '', VERSION) && file_exists('../upgrade/index.php')) { // 转到升级文件 ecs_header("Location: ../upgrade/index.php\n"); exit; } /* 创建 Smarty 对象。*/ require(ROOT_PATH . 'includes/cls_template.php'); $smarty = new cls_template; $smarty->template_dir = ROOT_PATH . ADMIN_PATH . '/templates'; $smarty->compile_dir = ROOT_PATH . 'temp/compiled/admin'; if ((DEBUG_MODE & 2) == 2) { $smarty->force_compile = true; } $_LANG['query_info'] = '<a href="http://www.ecshopjcw.com" target="_blank" style="color:#9CACAF">ECSHOP教程网</a> 提供技术支持 <br /> 共执行 %d 个查询,用时 %s 秒'; $smarty->assign('lang', $_LANG); $smarty->assign('help_open', $_CFG['help_open']); if(isset($_CFG['enable_order_check'])) // 为了从旧版本顺利升级到2.5.0 { $smarty->assign('enable_order_check', $_CFG['enable_order_check']); } else { $smarty->assign('enable_order_check', 0); } /* 验证通行证信息 */ if(isset($_GET['ent_id']) && isset($_GET['ent_ac']) && isset($_GET['ent_sign']) && isset($_GET['ent_email'])) { $ent_id = trim($_GET['ent_id']); $ent_ac = trim($_GET['ent_ac']); $ent_sign = trim($_GET['ent_sign']); $ent_email = trim($_GET['ent_email']); $certificate_id = trim($_CFG['certificate_id']); $domain_url = $ecs->url(); $token=$_GET['token']; if($token==md5(md5($_CFG['token']).$domain_url.ADMIN_PATH)) { require(ROOT_PATH . 'includes/cls_transport.php'); $t = new transport('-1',5); $apiget = "act=ent_sign&ent_id= $ent_id & certificate_id=$certificate_id"; $t->request('http://cloud.ecshop.com/api.php', $apiget); $db->query('UPDATE '.$ecs->table('shop_config') . ' SET value = "'. $ent_id .'" WHERE code = "ent_id"'); $db->query('UPDATE '.$ecs->table('shop_config') . ' SET value = "'. $ent_ac .'" WHERE code = "ent_ac"'); $db->query('UPDATE '.$ecs->table('shop_config') . ' SET value = "'. $ent_sign .'" WHERE code = "ent_sign"'); $db->query('UPDATE '.$ecs->table('shop_config') . ' SET value = "'. $ent_email .'" WHERE code = "ent_email"'); clear_cache_files(); ecs_header("Location: ./index.php\n"); } } /* 验证管理员身份 */ if ((!isset($_SESSION['admin_id']) || intval($_SESSION['admin_id']) <= 0) && $_REQUEST['act'] != 'login' && $_REQUEST['act'] != 'signin' && $_REQUEST['act'] != 'forget_pwd' && $_REQUEST['act'] != 'reset_pwd' && $_REQUEST['act'] != 'check_order') { /* session 不存在,检查cookie */ if (!empty($_COOKIE['ECSCP']['admin_id']) && !empty($_COOKIE['ECSCP']['admin_pass'])) { // 找到了cookie, 验证cookie信息 $sql = 'SELECT user_id, user_name, password, action_list, last_login ' . ' FROM ' .$ecs->table('admin_user') . " WHERE user_id = '" . intval($_COOKIE['ECSCP']['admin_id']) . "'"; $row = $db->GetRow($sql); if (!$row) { // 没有找到这个记录 setcookie($_COOKIE['ECSCP']['admin_id'], '', 1); setcookie($_COOKIE['ECSCP']['admin_pass'], '', 1); if (!empty($_REQUEST['is_ajax'])) { make_json_error($_LANG['priv_error']); } else { ecs_header("Location: privilege.php?act=login\n"); } exit; } else { // 检查密码是否正确 if (md5($row['password'] . $_CFG['hash_code']) == $_COOKIE['ECSCP']['admin_pass']) { !isset($row['last_time']) && $row['last_time'] = ''; set_admin_session($row['user_id'], $row['user_name'], $row['action_list'], $row['last_time']); // 更新最后登录时间和IP $db->query('UPDATE ' . $ecs->table('admin_user') . " SET last_login = '" . gmtime() . "', last_ip = '" . real_ip() . "'" . " WHERE user_id = '" . $_SESSION['admin_id'] . "'"); } else { setcookie($_COOKIE['ECSCP']['admin_id'], '', 1); setcookie($_COOKIE['ECSCP']['admin_pass'], '', 1); if (!empty($_REQUEST['is_ajax'])) { make_json_error($_LANG['priv_error']); } else { ecs_header("Location: privilege.php?act=login\n"); } exit; } } } else { if (!empty($_REQUEST['is_ajax'])) { make_json_error($_LANG['priv_error']); } else { ecs_header("Location: privilege.php?act=login\n"); } exit; } } $smarty->assign('token', $_CFG['token']); if ($_REQUEST['act'] != 'login' && $_REQUEST['act'] != 'signin' && $_REQUEST['act'] != 'forget_pwd' && $_REQUEST['act'] != 'reset_pwd' && $_REQUEST['act'] != 'check_order') { $admin_path = preg_replace('/:\d+/', '', $ecs->url()) . ADMIN_PATH; if (!empty($_SERVER['HTTP_REFERER']) && strpos(preg_replace('/:\d+/', '', $_SERVER['HTTP_REFERER']), $admin_path) === false) { if (!empty($_REQUEST['is_ajax'])) { make_json_error($_LANG['priv_error']); } else { ecs_header("Location: privilege.php?act=login\n"); } exit; } } /* 管理员登录后可在任何页面使用 act=phpinfo 显示 phpinfo() 信息 */ if ($_REQUEST['act'] == 'phpinfo' && function_exists('phpinfo')) { phpinfo(); exit; } //header('Cache-control: private'); header('content-type: text/html; charset=' . EC_CHARSET); header('Expires: Fri, 14 Mar 1980 20:53:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); if ((DEBUG_MODE & 1) == 1) { error_reporting(E_ALL); } else { error_reporting(E_ALL ^ E_NOTICE); } if ((DEBUG_MODE & 4) == 4) { include(ROOT_PATH . 'includes/lib.debug.php'); } /* 判断是否支持gzip模式 */ if (gzip_enabled()) { ob_start('ob_gzhandler'); } else { ob_start(); } ?>